Allow enabling WireGuard configs *BEFORE* clicking `START` button
This issue presents a fix for a security bug where the rethink app leaves a user vulnerable (by exposing their IP address) because they cannot enable WireGuard before enabling the proxy of the rethink app.
Problem
There was an attempt to enable "lockdown" mode in #976, but it was added under the WireGuard config. As a result:
- Lockdown mode cannot be enabled until the WireGuard config is first enabled (by clicking the "toggle" button next to the WireGuard config under the `Proxy` screen), and
- The WireGuard config cannot be enabled until the Rethink app's "Android VPN" is enabled (by clicking the `START` button)
This introduces a vulnerability where the user's IP address is leaked in the process of turning on Rethink.
For reference, I use AFwall+ to make sure that my apps cannot access the internet unless they go through the Android VPN. That means that if I don't have a VPN service running, then the apps have no Internet access. In other "VPN" apps (like Orbot and OpenVPN for Android), this also means that the apps still don't have internet access when the actual VPN connection is being established. However, this bug means that as soon as I click START in the rethink app, my apps suddenly are given clearnet internet access, and they are leaking their IP address to the public Internet...until I'm able to enable the WireGuard config.
Solution
The solution to this security bug is to permit users to enable WireGuard configs before they click the START button in the app -- so that traffic is already set up to go through the WireGuard tunnel before Android routes their traffic through rethink.
For more context, see:
- https://github.com/celzero/rethink-app/issues/976#issuecomment-3568230705